Internal Audit

Deloitte IA outsourcing services can be an effective way for an entity’s management to focus its time and effort on the core competencies of the organization while their IA function is being outsourced to an external third party. This solution not only benefits an organization from a cost and resource perspective but also ensures that the IA function is objective.

Deloitte’s IA outsourcing service includes all IA activities from the point of developing an IA strategy and charter, assessing the organization's risk, establishing an IA plan, execution of annual planning, testing, reporting to management and the audit committee all the way to follow-up IA procedures.

Increasingly, IA departments are leveraging the benefits of co-sourcing to supplement their IA team with external resources or specialized skills. Co-sourcing provides a flexible solution to the resourcing needs of an in-house IA department including:

• Resource enhancement: Deloitte can provide organizations with skilled IA professionals to perform special IA projects or fill vacant IA positions to enable the completion of its annual IA plan.
• Specialized skills: Deloitte can provide organizations with IA professionals who are specialised in a certain IA area such as IT, regulatory compliance, and cybersecurity, among other areas.

In accordance with the Institute of Internal Auditors (“IIA”) International Standards for the Professional Practice of Internal Auditing, companies are required to conduct an independent quality assessment of their IA function at least once every five (5) years. As such, Deloitte can assist its clients in meeting this requirement.

Our IT IA services professionals offer solutions to help clients extend their IA oversight and performance, addressing IT risks as well as broader organization-wide business risks, such as cybersecurity.

Through a cybersecurity assessment framework, we are assisting IA functions with providing an objective assessment of existing and needed controls. We are also helping audit committees and boards recognize and address the diverse risks of the digital world.

As a leading provider of SOX services, Deloitte has a broad view of requirements—from the initial top-down risk assessment, scoping, and planning to practice documentation, testing, and assessment of design and operating effectiveness through the timely reporting and evaluation of results.

We use an innovative and proactive approach that incorporates the right tools and techniques to help organizations deploy the solutions that are right for them. And the models we leverage enable clients to properly focus on gaining the necessary efficiencies and effectiveness in the SOX program.

Deloitte offers specialized IA advisory services which include assisting organizations with developing and implementing integral IA sub-process areas as well as advising on how elements of the IA can function more effectively to meet a client's objectives. These service are specifically agreed upon and may also include general consultative advice, supporting clients in developing their IA strategy, conducting IA risk assessments, developing IA plans and training on specific focus areas requiring attention.

Loaned staffed engagements represent the provision of internal audit resources that are under the sole direction of the client without Deloitte oversight. This can be useful in order to supplement your own internal audit team where a client has insufficient resources.